Upgrade to VCF Automation 9 and unable to find Orchestrator location for krb5.conf file for remote PowerShell Kerberos authentication
search cancel

Upgrade to VCF Automation 9 and unable to find Orchestrator location for krb5.conf file for remote PowerShell Kerberos authentication

book

Article ID: 419182

calendar_today

Updated On:

Products

VCF Automation

Issue/Introduction

In the VCF Automation 9.0.x release the krb5.conf could not be found to configure remote PowerShell Kerberos authentication.

Environment

VCF Automation 9.0.x

Resolution

Create the krb5.conf file manually either using nano or cat

  1. Get the vmware-system-user password and ssh into VCFA appliance: Get SSH Password for VCF Automation 9.0.x or VCF Identity Broker 9.0.x
  2. Login as root: 
    sudo -i
  3. Define the Kubernetes config file:
    export KUBECONFIG=/etc/kubernetes/admin.conf
  4. Login into the vco-app container:
    kubectl -n prelude exec -it vco-app-0 -c vco-server-app -- bash
  5. Create the /usr/lib/vco/app-server/conf/krb5.conf file: 
    touch /usr/lib/vco/app-server/conf/krb5.conf
  6. Put the krb5.conf content into the file
    1. (Option 1) Using nano:
      nano /usr/lib/vco/app-server/conf/krb5.conf
    2. (Option 2) Using cat:
      cat << EOF > /usr/lib/vco/app-server/conf/krb5.conf
[libdefaults]
  default_realm = YOURDOMAIN.COM
[realms]
  YOURDOMAIN.COM = {
    kdc = dc.yourdomain.com
    default_domain = yourdomain.com
  }
[domain_realm]
  .yourdomain.com=YOURDOMAIN.COM
  yourdomain.com=YOURDOMAIN.COM
EOF
  7. (For clustered environments)
    Repeat Steps 4, 5, 6 for vco-app-1, vco-app-2
Powered by Wolken Software